Section 6.6. Implementation Differences


We've already discussed the shadow password file supported by Linux and Solaris. FreeBSD and Mac OS X store encrypted passwords differently. Figure 6.5 summarizes how the four platforms covered in this book store user and group information.

Figure 6.5. Account implementation differences

| Information | FreeBSD 5.2.1 | Linux 2.4.22 | Mac OS X 10.3 | Solaris 9 |
|---|---|---|---|---|
| Account information | /etc/passwd | /etc/passwd | netinfo | /etc/passwd |
| Encrypted passwords | /etc/master.passwd | /etc/shadow | netinfo | /etc/shadow |
| Hashed password files? | yes | no | no | no |
| Group information | /etc/group | /etc/group | netinfo | /etc/group |

On FreeBSD, the shadow password file is /etc/master.passwd. Special commands are used to edit it, which in turn generate a copy of /etc/passwd from the shadow password file. In addition, hashed versions of the files are also generated: /etc/pwd.db is the hashed version of /etc/passwd, and /etc/spwd.db is the hashed version of /etc/master.passwd. These provide better performance for large installations.

On Mac OS X, however, /etc/passwd and /etc/master.passwd are used only in single-user mode (when the system is undergoing maintenance; single-user mode usually means that no system services are enabled). In multiuser mode, during normal operation, the netinfo directory service provides access to account information for users and groups.

Although Linux and Solaris support similar shadow password interfaces, there are some subtle differences. For example, the integer fields shown in Figure 6.3 are defined as type int on Solaris, but as long int on Linux. Another difference is the account-inactive field. Solaris defines it to be the number of days since the user last logged in to the system, whereas Linux defines it to be the number of days after which the maximum password age has been reached.
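The following is an added example, not code from the book: a parser for one shadow-format line that stores every counter as long (wide enough for both the Solaris int and the Linux long int fields) and evaluates the account-inactive field only under the Linux reading. Assumptions: the nine-field colon-separated layout and the field names modeled on the struct spwd members, the Linux reading taken from shadow(5) (a grace period counted from password expiry), the MAX_DAYS bound, and the names shadow_ent, parse_shadow_line and inactive_lock_day, which are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

#define MAX_DAYS 1000000L   /* sanity bound (assumption); also keeps the sum below from overflowing */
enum inact_sem { SEM_LINUX, SEM_SOLARIS };
struct shadow_ent {         /* counters held as long: wide enough for Solaris int and Linux long */
    char name[33];
    long lstchg, min, max, warn, inact, expire;   /* -1 means the field was empty */
};

/* Convert one numeric field; an empty field is "not set" (-1). */
static int num_field(const char *s, size_t len, long *out)
{
    char buf[24], *end;
    if (len == 0) { *out = -1; return 0; }
    if (len >= sizeof buf) return -1;
    memcpy(buf, s, len); buf[len] = '\0';
    *out = strtol(buf, &end, 10);
    return (*end == '\0' && *out >= 0 && *out <= MAX_DAYS) ? 0 : -1;
}

/* Split name:hash:lstchg:min:max:warn:inact:expire:flag. The hash is skipped, never copied. */
int parse_shadow_line(const char *line, struct shadow_ent *e)
{
    long *dst[] = { &e->lstchg, &e->min, &e->max, &e->warn, &e->inact, &e->expire };
    const char *p = line;
    for (int i = 0; i < 8; i++) {
        const char *colon = strchr(p, ':');
        if (colon == NULL) return -1;                 /* too few fields */
        size_t len = (size_t)(colon - p);
        if (i == 0) {
            if (len == 0 || len >= sizeof e->name) return -1;
            memcpy(e->name, p, len); e->name[len] = '\0';
        } else if (i >= 2 && num_field(p, len, dst[i - 2]) != 0) {
            return -1;                                /* non-numeric or out of range */
        }
        p = colon + 1;
    }
    return strchr(p, ':') == NULL ? 0 : -1;           /* flag must be the last field */
}

/* Day (days since the epoch) on which the grace period after password expiry ends, or -1 if unknown. */
long inactive_lock_day(const struct shadow_ent *e, enum inact_sem sem)
{
    if (sem == SEM_SOLARIS) return -1;   /* counted from last login, which the entry does not hold */
    if (e->lstchg < 0 || e->max < 0 || e->inact < 0) return -1;
    return e->lstchg + e->max + e->inact;
}
```

An audit tool that applies the Linux arithmetic to a Solaris entry would report a lock date that the system never enforces, which is why the Solaris case returns -1 here instead of a number.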

On many systems, the user and group databases are implemented using the Network Information Service (NIS). This allows administrators to edit a master copy of the databases and distribute them automatically to all servers in an organization. Client systems contact servers to look up information about users and groups. NIS+ and the Lightweight Directory Access Protocol (LDAP) provide similar functionality. Many systems control the method used to administer each type of information through the /etc/nsswitch.conf configuration file.

    Advanced Programming in the UNIX Environment
    Advanced Programming in the UNIX Environment, Second Edition (Addison-Wesley Professional Computing Series)
    ISBN: 0321525949
    EAN: 2147483647
    Year: 2005
    Pages: 370
